3200 Final


What is the Gramm-Leach-Bliley Act? - Implements the principle that a signature, contract, or other record may not be deleted - Denies legal effect, validity, or enforceability solely because it is electronic form - Addresses a myriad of legal privacy issues that were resulting from the increasing use of computers and other technology specific to telecommunications - Makes it a violation of federal law to knowingly use another's identity - A major piece of legislation affecting the financial industry and containing significant privacy provisions for individuals

A major piece of legislation affecting the financial industry and containing significant privacy provisions for individuals

A signature database contains a list of the contents of the IP packet header's signature block, for every type of packet the IDS monitors. True or False

A signature database contains a list of the contents of the IP packet header's signature block, for every type of packet the IDS monitors.

What does a host-based IDS monitor? - A single system - Networks - Physical intrusions into facilities - A system and all its surrounding systems

A single system

Simple rule sets that are applied to port number and IP addresses are called - Network address translation - Stateful packet filtering - Access control lists - Basic packet filtering

Access control lists

The Electronic Communications Privacy Act (ECPA) of 1986 - Implements the principle that a signature, contract, or other record may not be - Denies legal effect, validity, or enforceability solely because it is electronic form - Addresses a myriad of legal privacy issues that were resulting from the increasing use of computers and other technology specific to telecommunications - Makes it a violation of federal law to knowingly use another's identity - A major piece of legislation affecting the financial industry and containing significant privacy provisions for individuals

Addresses a myriad of legal privacy issues that were resulting from the increasing use of computers and other technology specific to telecommunications

What are laws and regulations created by government-sponsored agencies such as the EPA, the FAA, and the FCC? - Statutory laws - Administrative laws - Common laws - Blue laws

Administrative laws

Your boss would like you to implement a network device that will monitor traffic and turn off processes and reconfigure permissions as necessary. To do this you would use - A firewall - A sniffer - A passive HIDS - An active HIDS

An active HIDS

The Wassenaar Arrangement can be described as which of the following? - An international arrangement on export controls for conventional arms as well as dual-use goods and technologies - An international arrangement on import controls - A rule governing import of encryption in the United States - A rule governing export of encryption in the United States

An international arrangement on export controls for conventional arms as well as dual-use goods and technologies

Which component of an IDS examines the collected network traffic and compares it to known patterns of suspicious or malicious activity? - Traffic collector - Analysis engine - Signature database - Examination collector

Analysis engine

The difference between misuse and anomaly IDS models is - Misuse models require knowledge of normal activity, whereas anomaly models don't. - Anomaly models require knowledge of normal activity, whereas misuse models don't. - Anomaly models are based on patterns of suspicious activity. - Anomaly model-based systems suffer from many false negatives

Anomaly models require knowledge of normal activity, whereas misuse models don't.

The security tool that will hide information about the requesting system and make the browsing experience secret is a - Web proxy - Reverse proxy - Anonymizing proxy - Open proxy

Anonymizing proxy

What is a software bomb? - A firework that destroys all the disks and CDs in your library - Any commands executed on the computer that have an adverse effect on the data being investigated - Screensavers that show fireworks going off - Software trying to access a computer

Any commands executed on the computer that have an adverse effect on the data being investigated

Antivirus products do all of the following EXCEPT: - Automated updates - Media scanning - Block network traffic based on policies - Scan e-mail for malicious code and attachments

Block network traffic based on policies

The law that regulates unsolicited commercial e-mail is the - Computer Fraud and Abuse Act - Stored Communications Act - CAN-SPAM Act - Sarbanes-Oxley Act

CAN-SPAM Act

Which law prohibits the collection of information from children on web sites? - VPPA - FERPA - COPPA - CFAA

COPPA

Which of the following countries has a long reputation of poor privacy practices? - England - Japan - China - United States

China

What do you call a law based on previous events or precedents? - Statutory law - Administrative law - Common law - Blue law

Common law

Which law makes it a crime to knowingly access a computer that is either considered a government computer or used in interstate commerce, or to use a computer in a crime that is interstate in nature? - Computer Fraud and Abuse Act - Stored Communications Act - CAN-SPAM Act - Sarbanes-Oxley Act

Computer Fraud and Abuse Act

_____________ is the unauthorized entry into a computer system via any means. - Computer trespass - Computer entry - Computer hacking - Cyber crime

Computer trespass

The EU has developed a comprehensive concept of privacy, which is administered via a set of statutes known as what? - Privacy protection - Data protection - PII protection - ID theft protection

Data protection

What type of evidence is used to aid a jury and may be in the form of a model, experiment, chart, and so on, to indicate that an event occurred? - Direct evidence - Real evidence - Documentary evidence - Demonstrative evidence

Demonstrative evidence

Which law makes it illegal to develop, produce, and trade any device or mechanism designed to circumvent technological controls used in copy protection? - Sarbanes-Oxley Act - Digital Millennium Copyright Act - US Digital Signatures Law - Computer Fraud and Abuse Act

Digital Millennium Copyright Act

Oral testimony that proves a specific fact with no inferences or presumptions is what type of evidence? - Hearsay - Real evidence - Direct evidence - Demonstrative evidence

Direct evidence

Business records, printouts, and manuals are what type of evidence? - Direct evidence - Real evidence - Documentary evidence - Demonstrative evidence

Documentary evidence

What must you do in order to sniff the traffic on all ports on a switch? - Nothing; you can see all the traffic on a switch by default. - Nothing; a switch does not allow you to see all traffic. - Enable port mirroring. - Run a cable to each port.

Enable port mirroring.

Which of the following rules applies to evidence obtained in violation of the Fourth Amendment of the Constitution? - Best evidence rule - Exclusionary rule - Hearsay rule - Evidentiary rule

Exclusionary rule

Which of the following is NOT a component of an IDS? - Traffic collector - Signature database - Expert knowledge database - User interface and reporting

Expert knowledge database

A principal reference for rules governing the export of encryption can be found in the - Bureau of Industry and Security - U.S. Department of Commerce - Export Administration Regulations - State Department

Export Administration Regulations

Which of the following is a characteristic of the Patriot Act? - Extends the tap-and-trace provisions of existing wiretap statutes to the Internet, and mandates certain technological modifications at ISPs to facilitate electronic wiretaps on the Internet - A major piece of legislation affecting the financial industry, and also one with significant privacy provisions for individuals - Makes it a violation of federal law to knowingly use another's identity - Implements the principle that a signature, contract, or other record may not be deleted - Denies legal effect, validity, or enforceability solely because it is electronic form

Extends the tap-and-trace provisions of existing wiretap statutes to the Internet, and mandates certain technological modifications at ISPs to facilitate electronic wiretaps on the Internet

Which law mandates that information that is no longer needed must be properly disposed of, either by burning, pulverizing, or shredding? - FCRA - PCI DSS - FACTA - GBLA

FACTA

Which act requires credit agencies to perform timely investigations on inaccuracies reported by consumers? - FCRA - PCI DSS - FACTA - GBLA

FCRA

A school principal allows for student information to be accessed by a marketing company in exchange for goods and services for the school. The principal may have violated which law? - Privacy Act of 1974 - FOIA - FERPA - FACTA

FERPA

Which law was designed to enable public access to US government records? - Privacy Act of 1974 - FOIA - FERPA - FACTA

FOIA

Deploying, maintaining, and upgrading host-based IDSs in a large network is cheaper than NIDSs. True or False

False

FCRA is designed to protect educational records of students at the K-12 level. True or False

False

FERPA was designed to enable public access to US government records. True or False

False

Falsifying header information is not covered by the CAN-SPAM Act. True or False

False

Hostile activity that does not match an IDS signature and goes undetected is called a false positive. True or False

False

In order to identify a specific individual, the entire set of PII must be disclosed. True or False

False

Network-based IDS examines activity on a system, such as a mail server or web server. True or False

False

Privacy laws as they relate to education are very recent phenomena. True or False

False

Privacy laws in Europe are built around the concept that privacy is not a fundamental human right. True or False

False

The governments in Europe and the United States have taken the same approach to controlling privacy through legislation. True or False

False

The low risk of being caught is one of the reasons that criminals are turning to computer crime. True or False

False

The misuse detection IDS model is more difficult to implement than the anomaly detection model, and is not as popular as a result. True or False

False

While a NIDS is able to detect activities such as port scans and brute force attacks, it is unable to detect tunneling. True or False

False

Clusters that are marked by the operating system as usable are referred to as which of the following? - Free space - Slack space - Open space - Unused space

Free space

A patient's medical records are shared with a third party who is not a medical professional and without the patient's approval. Which law may have been violated? - FERPA - FOIA - HIPAA - The Medical Records Security and Safety Act

HIPAA

A new breed of IDS that is designed to identify and prevent malicious activity from harming a system. - Dynamic IDS - Preventive IDS - Active IDS - HIPS

HIPS

Which of the following has the least volatile data? - CPU storage - RAM - Hard drive - Kernel tables

Hard drive

Evidence offered by a witness that is not based on the personal knowledge of the witness, but is being offered to prove the truth of the matter asserted, falls under which rule of evidence? - Best evidence rule - Exclusionary rule - Hearsay rule - Relevant evidence rule

Hearsay rule

What device would you use to attract potential attacks, so that you could safely monitor the activity and discover the intentions of the attacker? - Firewall - Antivirus - IDS - Honeypot

Honeypot

How does IPS differ from an IDS? - IPS is passive and IDS is active. - IPS uses heuristics and IDS is signature based. - IPS will block, reject, or redirect unwanted traffic; an IDS will only alert. - IDS will block, reject, or redirect unwanted traffic; an IPS will only alert.

IPS will block, reject, or redirect unwanted traffic; an IDS will only alert.

The electronic signatures in the Global and National Commerce Act - Implement the principle that a signature, contract, or other record may not be denied legal effect, validity, or enforceability solely because it is electronic form - Address a myriad of legal privacy issues resulting from the increased use of computers and other technology specific to telecommunications - Make it a violation of federal law to knowingly use another's identity - Are a major piece of legislation affecting the financial industry, and contain significant privacy provisions for individuals

Implement the principle that a signature, contract, or other record may not be denied legal effect, validity, or enforceability solely because it is electronic form

Your boss is concerned about employees viewing inappropriate or illegal web sites in the workplace. Which device would be the best at addressing this concern? - Antivirus - Firewall - Protocol analyzer - Internet content filter

Internet content filter

The model that most modern intrusion detection systems use is largely based upon a model created by Dorothy Denning and Peter Neumann called: - Intrusion Detection Interface System (IDIS) - Intrusion Response Interdiction system (IRIS) - Intrusion Detection Expert System (IDES) - Discovery, Haystack, Multics Intrusion Detection and Alerting System (MIDAS)

Intrusion Detection Expert System (IDES)

What is a message digest? - It is a hash function that can be used to compare two files to see if they are identical. - A condensed version of the messages that the computer receives. - Messages that the computer sends to other computers - Availability protocol that establishes links to other computers.

It is a hash function that can be used to compare two files to see if they are identical.

According to SANS Internet Storm Center, the average survival time of an unpatched Windows PC on the Internet is - Less than two minutes - Less than two hours - Less than two days - Less than two weeks

Less than two hours

Antispam does all of the following EXCEPT: - Blacklisting - Malicious code detection - Language filtering - Trapping

Malicious code detection

Which of the following is a standard that provides guidance on the elements of a credit card transaction that needs protection and the level of expected protection? - FCRA - PCI DSS - FACTA - GBLA

PCI DSS

Zone Alarm, Windows ICF, and iptables are all examples of - Antivirus - Antispyware - Antispam - Personal firewalls

Personal firewalls

When taking photographs for use as evidence, what type should be taken? - Digital camera pictures - Film with a high speed shutter - Film with a low speed shutter - Polaroid

Polaroid

The nuisance of web pages that automatically appear on top of your current web page can be remedied with - Antivirus - Antispam - Pop-up blockers - Firewalls

Pop-up blockers

A privacy-enhancing technology called cookie cutter does which of the following? - Makes copies of your information for safe keeping - Makes sure when you connect to sites you use the same appropriate information - Prevents the transfer of cookies between browsers and web servers. - Is used by server to prevent the use of unnecessary cookies

Prevents the transfer of cookies between browsers and web servers.

A structured approach to determining the gap between desired privacy performance and actual privacy performance is called - Personal impact assessment - Privacy information assessment - Personal privacy assessment - Privacy impact assessment

Privacy impact assessment

Which of the following is true about the Family Education Records and Privacy Act of 1974? - Extends the tap-and-trace provisions of existing wiretap statutes to the Internet, and mandated certain technological modifications at ISPs to facilitate electronic wiretaps on the Internet - Protects student records from being accessed by anyone other than the student or student's family - Makes it a violation of federal law to knowingly use another's identity - Implements the principle that a signature, contract, or other record may not be - Denies legal effect, validity, or enforceability solely because it is electronic form

Protects student records from being accessed by anyone other than the student or student's family

Tangible objects that prove or disprove fact are what type of evidence? - Direct evidence - Real evidence - Documentary evidence - Demonstrative evidence

Real evidence

Evidence that is material to the case or has bearing on the matter at hand is what standard of evidence? - Sufficient evidence - Competent evidence - Relevant evidence - Real evidence

Relevant evidence

What is the mechanism for self-regulation that can be enforced through trade practice law via the FTC called? - PII protection - Safe sailing - Safe Harbor - Harbor protection

Safe Harbor

What is the law that overhauled the financial accounting standards for publicly traded firms in the United States? - Computer Fraud and Abuse Act - Stored Communications Act - CAN-SPAM Act - Sarbanes-Oxley Act

Sarbanes-Oxley Act

Egress filtering - Scans incoming mail to catch spam - Scans outgoing mail to catch spam - Messages are scanned for specific words or phrases - Filters out POP traffic

Scans outgoing mail to catch spam

What is the space in a cluster that is not occupied by a file called? - Free space - Slack space - Open space - Unused space

Slack space

Windows Defender does all of the following EXCEPT: - Spyware detection and removal - Real-time malware protection - Spam filtering - Examine programs running on your computer

Spam filtering

How does stateful packet filtering differ from basic packet filtering? - Stateful packet filtering looks only at each packet individually. - Stateful packet filtering looks at the packets in relation to other packets. - Stateful packet filtering looks at the destination address. - Stateful packet filtering looks at the source address.

Stateful packet filtering looks at the packets in relation to other packets

What is a law passed by a legislative branch of government called? - Statutory law - Administrative law - Common law - Blue law

Statutory law

Evidence that is convincing or measures up without question is what standard of evidence? - Sufficient evidence - Competent evidence - Relevant evidence - Real evidence

Sufficient evidence

Which of the following is NOT a disadvantage of host-based IDS? - The IDS uses local system resources. - The IDS can have a high cost of ownership and maintenance. - The IDS must have a process on every system you want to watch. - The IDS is ineffective when traffic is encrypted.

The IDS is ineffective when traffic is encrypted.

What is the Convention on Cybercrime? - A convention of black hats who trade hacking secrets - The first international treaty on crimes committed via the Internet and other computer networks - A convention of white hats who trade hacker prevention knowledge - A treaty regulating international conventions

The first international treaty on crimes committed via the Internet and other computer networks

Which of the following is NOT an advantage of network-based IDS? - It takes fewer systems to provide IDS coverage. - They can reduce false positive rates. - Development, maintenance, and upgrade costs are usually lower. - Visibility into all network traffic and can correlate attacks among multiple systems.

They can reduce false positive rates.

One of the advantages of HIDS is that - They can reduce false-positive rates - Their signatures are broader - They can examine data before it has been decrypted - They are inexpensive to maintain in the enterprise

They can reduce false-positive rates

The main purpose of a honeypot is - To identify hackers so they can be tracked down by the FBI - To slow hackers down by providing an additional layer of security that they must pass before accessing the actual network - To distract hackers away from attacking an organization's live network - To help security professionals better understand and protect against threats to the system

To help security professionals better understand and protect against threats to the system

A sniffer must use a NIC in promiscuous mode; otherwise it will not see all the network traffic coming into the NIC. True or False

True

Carnivore is an eavesdropping program for the Internet. True or False

True

Computer trespass is treated as a crime in many countries. True or False

True

Content-based signatures detect character patterns and TCP flag settings. True or False

True

FACTA mandates that information that is no longer needed must be properly disposed of. True or False

True

In the United States, the primary path to privacy is via opt-out, whereas in Europe and other countries, it is via opt-in. True or False

True

Only active intrusion detection systems (IDS) can aggressively respond to suspicious activity, whereas passive IDS cannot. True or False

True

The CAN-SPAM Act allows unsolicited e-mail as long as there is an unsubscribe link; the content must not be deceptive and not harvest emails. True or False

True

The DMCA protects the rights of recording artists and the music industry. True or False

True

The NIDS signature database is usually much larger than that of a host-based system. True or False

True

The Patriot Act permits the Justice Department to proceed with its rollout of the Carnivore program, an eavesdropping program for the Internet. True or False

True

The development of a privacy policy is an essential foundational element of a company's privacy stance. True or False

True

The sale of some types of encryption overseas is illegal. True or False

True

The three things that should govern how good citizenry collects PII are notice, choice, and consent. True or False

True

Two laws that provide wide-sweeping tools for law enforcement to convict people who hack into computers—or use them to steal information—are the ECPA and the CFAA. True or False

True

VPPA is considered to be the strongest US privacy law by many privacy advocates. True or False

True

A video rental store shares its customer database with a private investigator. The rental store may have violated which law? - COPPA - VPPA - FERPA - CFAA

VPPA

In the United States the primary path to privacy is _______. In Europe the primary path to privacy is _________. - opt-in; opt-in - opt-in; opt-out - opt-out; opt-out - opt-out; opt-in

opt-out; opt-in

The term forensics relates to the application of ____________ knowledge to ___________ problems. - legal; computer - complete; software - scientific; legal - familiar; unfamiliar

scientific; legal

